Obtain domain/IP registration information

For a computing resource to be accessible to the public, domain names and IP addresses must be registered with an authorized organization. [1] [2] [3]

ID: T1251
Sub-techniques:  No sub-techniques
Tactic: Technical Information Gathering
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018


Detectable by Common Defenses (Yes/No/Partial): No

Explanation: Open access to DNS registration/routing information is inherent in Internet architecture.

Difficulty for the Adversary

Easy for the Adversary (Yes/No): Yes

Explanation: Proliferation of DNS information makes registration information functionally freely available.


  1. Google Domains. (n.d.). About WHOIS. Retrieved April 2, 2017.
  2. Jeff Bardin. (2012, October 10). OSINT and Cyber Intelligence - Fun and Sun in Miami. Retrieved March 1, 2017.
  1. Gregory Scasny. (2015, September 14). Understanding Open Source Intelligence (OSINT) and its relationship to Identity Theft. Retrieved March 1, 2017.